Skills
skills/mtymek/opencode-obsidian/openspec-sync-specs/Gen Agent Trust Hub

openspec-sync-specs

Pass

Audited by Gen Agent Trust Hub on Feb 25, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill invokes the openspec CLI tool with the list --json argument to retrieve available changes, which is a functional requirement for identifying sync targets.
  • [PROMPT_INJECTION]: The skill processes markdown content from 'delta specs' to update 'main specs', establishing an indirect prompt injection surface where instructions in the source files could theoretically influence the agent. However, this is inherent to the primary function of requirement synchronization and is mitigated by instructions to read all files and seek user selection.
  • Ingestion points: Specification files at openspec/changes/<name>/specs/*/spec.md and openspec/specs/<capability>/spec.md.
  • Boundary markers: Absent; the instructions do not specify the use of delimiters for the processed content.
  • Capability inventory: Access to execute the openspec CLI and perform file system read/write operations.
  • Sanitization: Absent; the skill relies on the agent's linguistic processing to merge content rather than programmatic sanitization.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 25, 2026, 12:49 AM